The document discusses the history and importance of cyber insurance, highlighting its evolution since the late 1990s and the increasing market demand due to rising cyber risks. It outlines reasons for purchasing cyber insurance, including privacy legislation, risk management frameworks, and exposure to cyber threats, while also explaining various scenarios that illustrate potential losses. The text emphasizes the gaps in traditional insurance coverage regarding cyber incidents and the need for specialized cyber insurance to address these risks.

1. CYBER RISKS & CYBER
INSURANCE
The
Cyber
Insurance
Consultancy
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

2. ‘CYBER’ – WHERE DID IT COME FROM?
First coined from Mathematics Professor Norbert Wiener in 1948.
Ground breaking account of various systems that led and influenced
AI and complex systems.
“Cyber” itself is derived from a Greek term meaning ‘steersman’ or
‘governor’
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

3. A BRIEF HISTORY OF CYBER TIME
First policies
bound in the
US in the late
1990’s
Low product evolution
due to Y2K and 9/11
2016 -
US – Mature
UK/Europe – Growing
Asia/AU and NZ – Emerging
2008 –
Cyber Premiums
in region of $500m
Circa. 2000 –
First Betterley Report
on Cyber Insurance
2020 –
Global GWP
Estimated at $7.5bn
to $15bn
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

4. WHY BUY CYBER INSURANCE?
• Privacy Legislation including the Australian Privacy Principles (APPs)
• Forms part of an effective risk management framework
• PCI-DSS obligations
• Ubiquitous exposure - IoT
• Lack of coverage within traditional insurance programs
• Potential for system vulnerabilities
• Benefits of accessing expertise when it is needed
• Bad guys attack weaknesses not strengths
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

5. GREAT NEWS !! –
YOU HAVE THE SKILLS TO SELL
As an Insurance
Professional, you already
have risk transfer knowledge.
Risk considerations and
exposures associated with
Cyber are very similar to
those that businesses
already face.
Quite simply, a business
faces the impact of a Cyber
event on their operations and
revenue.
In addition to first party
exposures they have to third
parties (customers primarily).
In line with tradition, there will
be costs and expenses
associated with managing
impact:
- including increased costs
of working
- business interruption
- defence costs
- investigation costs
- other expenses such as
expert services.
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

6. CYBER….YOUR FAMILIAR BUT NEW RISK
Fire Damage Business Interruption Event Expenses Third Party Actions
E-mail
attachment
contained the
Virus
Virus
Attack
Applications
and Data
Damage
3 weeks to
reconstitute
data and 3
months to
recover
BI
Systems &
Data
recovery
experts,
Customer
comms.
Event
Expense
Customers
bring action
following
exposure of
PII
Third
Party
Actions
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

7. CYBER COVERAGE
BI
Cost to replace, restore (data) from network breach
Costs of extortion monies and expenses
Business Interruption – loss of income and extra expenses
Identity theft
Breach of Privacy
Failure to protect confidential data
Transmission of spyware, viruses & code
Notification costs incurred
Regulatory Defence costs
PR and Crisis Management costs
Fine and Penalties
1st Party
3rd Party
Costs
Damage
Event
Expense
TPAs Event
Expense
Event
Expense
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

8. RISK TRANSFER OR COVER GAP?
TRADITIONAL
PROGRAM
COVERS
Versus
COVERAGE
SHORTFALLS
Unlikely that policies will provide cover for data breaches
Typically require physical loss or damage and may specifically exclude electronic data
Would usually only respond to actions bought against D&Os for ‘Wrongful Act’
Cover is not usually afforded for information/data breaches (unless part of ‘Professional Services)
Most Cyber extensions are only as effective as the underlying policy trigger
GL
D&O
/ML
PROP
PI/
E&O
EXTS.
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

9. LOSS SCENARIOS:
LOST LAPTOP
A laptop which is used by a
number of employees is left in a
coffee shop in the Sydney CBD. It
cannot be located.
The Laptop contains 25,000
customers records including
names, addresses and banking
information.
RANSOMWARE
A business owner opens their
first e-mail of the day.The
opening line reads “Your data has
been locked by us”.
The content is clear, there is a
threat that the company data will
be erased unless a ransom of 250
Bitcoins is paid.
SYSTEMVULNERABILITY
Personal and financial
information has been obtain via
security weaknesses in a
computer system. Over 250,000
identities implicated.
The Insured was made aware of
the breach/es by the Federal
Police and immediate cessation
of operations is required.
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

10. SCENARIO 1
A company laptop has been left in a coffee shop in the Sydney CBD. It cannot be located.
The Laptop contains 25,000 customers records including names, addresses and banking information.
LOST
LAPTOP
Most policies will cover the costs of
recovering data (but usually only as a
result of a ‘virus’ attack).
Policies do not typically cover physical
property and the laptop should be
insured under a property policy
1st Party
Most policies will provide cover for
actions bought against the insured for
breach or privacy or for damages as a
result of personal information
impacting a third party e.g. credit
history black marks.
3rd Party
• Notifying customers of breach
• Costs of monitoring credit reports
• Defence costs in respect of third
party claims or regulatory
investigation/action
Costs
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

11. SCENARIO 2
Business owner opens an e-mail.The opening line reads “Your data has been locked by us”.
There is a threat that the company data will be erased unless a ransom of 250 Bitcoins is paid.
RANSOM
Extortion threats are usually covered
under market forms including the
payment of monies to release or
prevent data damage. However, the
recommendation is that no payment is
made, as monies demanded can
increase and there is no guarantee that
data will be left untouched
1st Party
In the event that any PII or PHI is
exposed then most policies will
respond to actions bought by third
parties and/or regulatory authorities
3rd Party
• Costs of monitoring credit reports
• Investigation and virus removal
costs
• Defence costs in respect of third
party claims or regulatory
investigation/action
Costs
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au

12. SCENARIO 3
Personal and financial information has been obtain via a weaknesses in a computer system. Over 250,000
identities implicated.
Federal Police advised insured of the breach and immediate cessation of operations is required.
SYSTEM
VULNERABILITY
Should the investigation result in a
material impact to the operations of
the business preventing them from
operating, some policies do make
provision for impact on profit or
revenue
1st Party
In the event that any PII or PHI is
exposed then most policies will
respond to actions bought by third
parties and/or regulatory authorities.
3rd Party
• Costs of monitoring credit reports
• Investigation and virus removal
costs
• Defence costs in respect of third
party claims or regulatory
investigation/action
Costs
Chris Stallard – Chief Insurance Imagineer
chris@zemstarinsurance.com.au